Infosecurity News

  1. Destructive Attacks on Financial Institutions Surge

    Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks

  2. DaggerFly-Linked Linux Malware Targets Network Appliances

    DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks

  3. Threefold Increase in Malware Targeting Credential Stores

    Picus Security reports infostealer surge after revealing credentials appear in 29% of malware

  4. Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA

    A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations

  5. Surge in Infostealer Attacks Threatens EMEA Organizations' Data Security

    Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets

  6. Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks

    Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals

  7. Casio and Others Hit by Magento Web Skimmer Campaign

    Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s

  8. CISA Warns of Backdoor Vulnerability in Contec Patient Monitors

    CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt monitoring functions

  9. High-profile X Accounts Targeted in Phishing Campaign

    Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes

  10. 768 CVEs Exploited in the Wild in 2024

    VulnCheck observed 768 public reports of CVEs exploited in the wild for the first time in 2024, a 20% rise compared to 2023

  11. European Police: Data Volumes and Deletion Hindering Investigations

    A new Europol report warns of major challenges accessing and analyzing data for cybercrime investigations

  12. UK Announces “World-First” AI Security Standard

    The UK government has launched a new AI security code of practice it believes will become an ETSI standard

  13. Threat Actors Target Public-Facing Apps for Initial Access

    Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques

  14. Tata Technologies Hit by Ransomware Attack

    The Indian tech giant temporarily suspended some of its IT services, which have now been restored

  15. DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities

    Cyber reports exposed major security flaws in DeepSeek’s R1 LLM

  16. International Operation Dismantles Cracked and Nulled Cybercrime Hubs

    A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services

  17. Google Blocked 2.36 Million Policy-Violating Apps

    Google Play blocked 2.36 million policy-violating apps and banned 158,000 harmful developer accounts in 2024

  18. Attackers Increase Use of HTTP Clients for Account Takeovers

    HTTP client tools used to compromise Microsoft 365 environments with 78% of tenants targeted in 2024

  19. Syncjacking Attack Enables Full Browser and Device Takeover

    SquareX researchers warn that browser syncjacking could lead to full browser and device hijacking

  20. DeepSeek Exposed Database Leaks Sensitive Data

    Researchers at Wiz uncovered a publicly accessible database belonging to Chinese GenAI provider DeepSeek that leaked sensitive data, including chat history

What’s Hot on Infosecurity Magazine?